Some DNS Requests Ruled Illegal in North Dakota
jgreco writes "A judge in North Dakota has just ruled that requesting a zone transfer from a public DNS server is criminal activity within the meaning of the North Dakota Computer Crimes Law. A zone transfer is a simple request that a DNS server hand over information in bulk, and a DNS server may be configured to allow or deny such requests. That the owner of a DNS server would configure the server to allow such requests, and then claim such requests were unauthorized, is simply stunning."
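Added example, not part of the original story or of any comment: what "configured to allow or deny such requests" looks like in a BIND `named.conf` on the primary server, with the open setting shown commented out beside a restricted one. The zone name, file path, addresses, key name and secret are placeholders constructed for illustration.

```conf
// Constructed example: all names, addresses and the key are placeholders.

// Open configuration: any client that asks for the zone in bulk gets it.
// zone "example.com" {
//     type primary;                    // "master" on older BIND releases
//     file "zones/example.com.db";
//     allow-transfer { any; };
// };

// Restricted configuration.

// Shared TSIG key; the same key statement goes on the secondary.
key "xfer-key" {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_BASE64_SECRET";
};

options {
    // Server-wide default: refuse zone transfers unless a zone says otherwise.
    allow-transfer { none; };
};

zone "example.com" {
    type primary;
    file "zones/example.com.db";
    // Only requests signed with the TSIG key may transfer this zone.
    allow-transfer { key "xfer-key"; };
    // Tell the secondary (placeholder address) when the zone changes.
    also-notify { 192.0.2.53; };
};

// On the secondary, sign requests to the primary (placeholder address):
// server 192.0.2.1 { keys { "xfer-key"; }; };
```

With the restricted form in place, a bulk request such as the `host -l` command discussed in the comments is refused unless it is signed with the key.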
DNS illegal now? Read again. (Score:5, Informative)
Default settings allow it... (Score:2, Informative)
One more example of the law having to protect the stupid, but I can *sorta* see the point of it. This falls in line with stealing wifi from unprotected networks. Just because it's not secured doesn't mean it's OK to break in.
FUD (Score:5, Informative)
The worst that can be said about it is that it's bad precedent and the judgment was wrong.
The judge did not make DNS requests illegal.
Re:DNS illegal now? Read again. (Score:5, Informative)
Facts from the ruling (Score:4, Informative)
If Ritz had previously been ordered to leave Sierra alone, and hadn't, then that's a basis for the ruling right there, completely ignoring any aspect of DNS. From the court documents, the guy sounds like quite a piehole.
Re:beware (Score:2, Informative)
Re:consequence of bad computer crime laws (Score:3, Informative)
The act of putting up a DNS server is exactly the same. But we now know it's illegal to access a DNS server, therefore it must be illegal to access a web server.
Without written permission in triplicate, signed in longhand by the owner of the data using a quill pen and attested by the county registrar and the sheriff, of course.
Re:Facts from the ruling (Score:3, Informative)
7. Ritz, at all times material, acted intentionally and with the intent to gather as much DNS and other information as possible about Sierra and its principals, agents and related entities and persons. Ritz made the information he gathered available to several persons, including a competitor of Sierra, SuperNews, and SuperNews accessed that information. Ritz has admitted that SuperNews personnel accessed the zilla queries file where it resided on his computer via http connection.
8. The intended purpose of a zone transfer is primarily one of redundancy. Zone transfers are the means by which a primary authoritative domain name server copies the domain structure to a secondary authoritative domain name server for the purpose of redundancy. Generally, both of those servers pertain to the same domain. In all intended uses of a zone transfer, the secondary server is operated by the same party that operates the primary server. A secondary intended purpose for zone transfers is to permit trouble shooting in which case zone transfers may sometimes be undertaken via the manually conducted host -l command. In those instances, however, the person conducting the diagnosis acts with the authorization of the operator of the system and is usually the network administrator for the system.
9. The evidence presented at trial produced no treatises or authoritative sources to suggest that any other intended purpose exists for a zone transfer. The academic and technical resources put in evidence at trial uniformly indicate that zone transfers have no intended purposes beyond those mentioned above.
10. The literature available on the subject all refers to access attempts such as the host -l command issued by Ritz under the circumstances of this case as "unauthorized." Microsoft itself, as well as various other authorities, all refer to zone transfers conducted by an individual other than the network administrator or an authoritative name server as "unauthorized."
11. Ritz accessed Sierra's computer, copied and disclosed information found on that computer beginning at least with the February 27, 2005 access and continuing thereafter through the summer of 2005. Ritz made several access attempts which were also unsuccessful after April 1, 2005.
12. Publication of the zilla queries file containing information about Sierra including its internal domain structure created a grave security risk for Sierra. That information, in the hands of outsiders with malicious intent, threatens the integrity of Sierra's computer system. Publication of that information also competitively injured Sierra since a competitor such as SuperNews can use the information to better evaluate and compete with Sierra.
13. Ritz has port scanned thousands of computers, including those of Sierra.
14. Ritz frequently attempted to access Sierra's computers from a variety of locations in case Sierra was blocking access from his known IP address. He also concealed the IP address of his point of origin in order to shield himself from blame or, as he put it, "taking the beat."
15. Ritz has participated in approximately eighteen UseNet death penalties ("UDP"). A UDP is an attempt to force a Usenet service provider to change its behavior by threatening to have peers cancel their relationships with the target of the UDP, canceling messages propagated from the target of the UDP and if that fails, to go to other providers to convince them to cease doing business with the target. Once he was armed with Sierra's internal domain structure and published that information, Ritz called for a UDP against Sierra.
16. Ritz has issued Internet mail bombs and undertaken efforts which resulted in disconnecting third parties from the Internet.
This guy was not doing ANYTHING legitimate. He was trying to damage their business through whatever means he could, including attacking their customer base. On top of it all, he began to try to circumvent the actions they took to prevent him from accessing the information. He started using proxies to bypass an IP block. To say this has any effect on a secondary DNS doing a zone transfer for DNS purposes is beyond stupid.
Re:Unbelievable (Score:5, Informative)
"In all intended uses of a zone transfer, the secondary server is operated by the same party that operates the primary server. A secondary intended purpose for zone transfers is to permit trouble shooting in which case zone transfers may sometimes be undertaken via the manually conducted host -l command. In those instances, however, the person conducting the diagnosis acts with the authorization of the operator of the system and is usually the network administrator for the system."
Sounds like the judge understood it pretty well to me.
Re:consequence of bad computer crime laws (Score:4, Informative)
That's what Sierra did, according to the court decision.
Either the admin responsible is incredibly stupid, incredibly lazy or just hasn't thought through the security implications.
Re:consequence of bad computer crime laws (Score:5, Informative)
Essentially, the judge ruled that the injunction did indeed include the DNS servers the company had. Imagine that, he got that one right!
IOW, even if the company was running a web server on port 80 and required no authentication, it can easily be assumed that --- the defendant would still be barred from making requests to that page. No, not people in general, one specific individual who was barred from interacting with the company.
To rule otherwise is nothing but pure stupidity.
Re:consequence of bad computer crime laws (Score:4, Informative)
Forgive the redundancy, (Score:3, Informative)
Re:Unbelievable (Score:5, Informative)
Re:DNS illegal now? Read again. (Score:3, Informative)
Re:Facts from the ruling (Score:3, Informative)
*Looks like the guy on this site is a co-defendant with David Ritz, so maybe not the most reliable source.
Re:Port 53 rebel from hell (Score:4, Informative)
So who's the nerd now, huh?
The facts on the case (Score:3, Informative)
As one of the people involved in this, I think I should take a minute to set the record straight.
Sexzilla was once one of the largest porn spammers on usenet. I wrote about them on my web site. The owner, Jerry Reynolds, sued me for defamation. I asked the other spam-fighters for whatever they had on Sexzilla so I could defend myself.
David Ritz responded with something along the lines of "Oh, it's true alright, here's the dns zone information that proves it." He also published his results on-line.
Reynolds then sued David for an "unauthorized zone transfer".
That zone transfer is the entirety of Reynolds' case against David. The rest of the stuff in the judge's decision was all a bunch of bullshit spoon-fed to the judge by Reynolds. Most of it has nothing to do with the case at hand, and most of it is either untrue or gross distortions of the truth. For example, the "hijacked" computer was an open relay that Ritz used to send one message to Verizon security, proving to them that they had an open relay.
You can read the whole sorry saga here [blogspot.com].